PSCBO: A provably secure consensus-based blockchain Oracle
Yusong Yao, Yiwen Shi, Guohua Tian, Meixia Miao, Willy Susilo
Computer Standards & Interfaces, volume 91, Article 103892. Journal article, published 2024-07-20. Impact factor: 4.1; JCR: Q1 (Computer Science, Hardware & Architecture).
DOI: 10.1016/j.csi.2024.103892
https://www.sciencedirect.com/science/article/pii/S0920548924000618
Citations: 0
Abstract
Blockchain technology, successful in cryptocurrency, holds transformative potential for various industries. In decentralized applications driven by blockchain, acquiring non-digitally verifiable data is crucial, particularly in smart contracts. To facilitate the transfer of off-chain data from websites to the blockchain, several studies have proposed various centralized and decentralized blockchain Oracles. However, centralized Oracles reintroduce central risks, such as the Single Point of Failure, while decentralized Oracles consistently rely on a voting mechanism, which incurs additional vulnerabilities and substantial costs. In this work, we uncover a misdirection attack in decentralized Oracles, resulting in a diminished security region in blockchain consensus. This manifests as prolonged settle times and reduced upper bounds for tolerance of adversarial consensus chip. By formalizing the voting process as a discrete-time Markov chain (DTMC), we further demonstrate that the maximum stake of the adversary for launching a misdirection attack is less than 50%. To counteract this threat, we introduce a novel voting model that relies on chain length rather than block data for voting. Formally, we propose the definition of our model named VoteFork. Following this, we present the specific consensus-based blockchain Oracle protocol, PSCBO. This protocol involves blockchain clients collecting and providing Oracle data, with an epoch-based voting mechanism to verify each set of Oracle information. We also analyze the security of the PSCBO backbone VoteFork, demonstrating its security region akin to a typical blockchain. Finally, we implement a proof-of-concept system to validate the security region and further underscore the practicality. Both security analysis and experiments affirm that PSCBO exhibits a higher adversarial fault tolerance and shorter waiting time to confirm transactions.
About the journal:
The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking.
Computer Standards & Interfaces is an international journal dealing specifically with these topics.
The journal
• Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels
• Publishes critical comments on standards and standards activities
• Disseminates user's experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods
• Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts
• Stimulates relevant research by providing a specialised refereed medium.